Menu

Menu

Menu

Menu

Menu

Menu

Menu

Menu

Menu

Loading Results

Our Take | Adam Gilbert retirement edition: Resolution, stress tests, AI and more

  • June 26, 2026

Change remains a constant in financial services regulation

Read "our take" on the latest developments and what they mean.

FDIC proposes streamlined IDI resolution and revised deposit insurance assessments

What happened? On June 25th, the FDIC issued a proposal to revise resolution planning requirements currently applicable to insured depository institutions (IDIs). It also issued a separate proposal to revise deposit insurance assessments.

How would IDI requirements change? The proposal would:

  • Raise the threshold for rule application. The asset threshold for IDIs subject to the rule would increase from $50 billion to $100 billion and eliminate the current distinction between “Group A” and “Group B” IDIs.[1] Based on FDIC estimates, the number of covered firms would decline from 48 to 32. The threshold would also be adjusted over time using a proposed indexing methodology.
  • Narrow and focus the scope of submissions. The proposal would eliminate more than half of current requirements, including resolution strategy, failure scenarios, valuation analysis, economic effects, franchise component identification, and other resolution‑related assessments, as well as requirements related to describing internal processes, governance, and firm capabilities. It would also add or refine requirements in several areas, including mapping of IT architecture, processing cut‑off times for deposit and loan operations, and more detailed information on deposit products and flows. In addition, it would refocus affiliate interconnection requirements on day‑to‑day operational reliance, replace requirements to report on broad asset portfolios with a narrower focus on material loan portfolios, and narrow requirements related to digital services and products.
  • Simplify filing cycle. All covered IDIs would move to a three-year submission cycle, with interim supplements eliminated and replaced by a requirement to notify the FDIC of material changes through a more targeted “notice of extraordinary event” process.
  • Remove capabilities testing and streamline review. The proposal would eliminate capabilities testing and structured engagement used to assess firms’ ability to execute resolution actions, as well as formal credibility determinations and structured feedback findings (e.g., “material weakness”).

How would deposit insurance assessments change? The FDIC would raise the asset threshold that distinguishes small from large institutions from $10 billion to $30 billion, with the threshold indexed for inflation every four years. The proposal would also lower initial base assessment rate schedules by 2 basis points for small institutions and by 1 basis point for large and highly complex institutions. In total, the FDIC expects 76 institutions to be reclassified as “small” banks, and across both large and small banks the FDIC expects a reduction in premiums of $4 billion. Separately, the proposal would introduce a resolution readiness adjustment (RRA) that would let large institutions reduce their assessment rates by up to an additional 1 basis point, earned across two independent components: 0.5 basis points for passing virtual data room (VDR) testing, and 0.5 basis points for providing the FDIC access to service providers and/or internal systems to obtain the data needed to manage and market the institution in receivership.

Our Take

Significant relief for IDIs

The IDI proposal would bring welcome relief across the board, but most acutely to the 16 IDIs between $50 billion and $100 billion that would drop out of scope entirely. For those that remain in scope, the move to a three-year submission cycle for all filers, combined with removal of the interim supplement requirement and, reduced content requirements would significantly reduce the time spent preparing, reviewing, and approving resolution submissions. The proposed elimination of capabilities testing expectations and credibility determinations signals a lighter-touch and more targeted engagement approach from the FDIC, easing demands on stakeholders to participate in resolution planning efforts between filing cycles, though it also removes a recurring forcing function that kept resolution readiness on management's agenda. In addition, the revisions to the content requirements would meaningfully reduce effort required to perform certain analysis, such as identifying franchise components, and maintain extensive narrative documentation, while bringing greater clarity and specificity to data collection requirements.

Broad deposit insurance assessment relief with trade-offs for readiness relief

Likewise, the deposit insurance premiumassessment changes could be significant for some institutions – particularly those moved from “large” to “small” bank status, which would then benefit from the proposed 2 basis point premium reduction. At the same time, tThe RRA is the genuinely novel aspect of the two proposals, tying a firm's resolvability directly to its premiums. The proposal resolves the open question from Chairman Hill's preview two weeks ago: the FDIC treats the two components to receive such an adjustment (VDR testing and granting system access) as equivalent and fully independent, rather than weighting one more heavily or bundling them. In deciding whether to undergo virtual data room (VDR) testing and/or grant the FDIC direct systems access, firms will need to weigh potentially significant financial benefits against the added burden of participation and potential information security concerns. Because many firms have already developed VDR capabilities under the current rule, the 0.5 basis point reduction for participating in testing once every three years may be an appealing trade. The direct systems access is more uncertain ‒ while the proposed scope is limited to ledger, deposit, loan, and key personnel data, firms may seek additional clarity on the nature of the required access and associated information security protocols before deciding on a path forward.

Fed releases stress test results

What happened? On June 24th, the Fed released the results of its 2026 Dodd-Frank Act Stress Test (DFAST) – i.e. its annual capital stress test for large banks. The Fed deferred action on the large banks’ capital requirements, as they will maintain their current stress capital buffers (SCBs) until 2027, when new requirements can be calculated using revised models that reflect public feedback.

What were the specific results? In 2026, all 32 large banks subject to the test remained above their minimum regulatory capital requirements under the severely adverse scenario. Because firm participation has varied across recent cycles, comparisons to 2024 provide a more consistent basis for comparison:

  • Aggregate CET1 fell from 12.8% in 4Q25 to a minimum of 11.2%, a decline of 1.6 percentage points. In 2024, aggregate CET1 fell from 12.7% to 9.9%, a decline of 2.8 percentage points.
  • Aggregate projected losses were nearly $708 billion in 2026 relative to $541 billion in 2024.
  • The largest loan loss categories in 2026 were credit cards at about $203 billion, commercial and industrial loans at about $158.2 billion, and domestic commercial real estate at about $76.5 billion. In 2024, the comparable figures were about $158 billion in credit card losses, $124 billion in commercial and industrial loan losses, and $52 billion in commercial real estate losses.

How severe was the scenario? The 2026 exercise was run using supervisory models that remained largely unchanged from 2025, with only limited adjustments. Compared with 2024, the 2026 scenario included a smaller GDP decline, a smaller house price decline, and a smaller increase in unemployment, but a larger decline in commercial real estate prices and a larger decline in equity prices. In 2026, real GDP declined 4.6% peak-to-trough, house prices declined 30%, commercial real estate prices declined 39%, equity prices declined 58%, and unemployment rose 5.5 percentage points to 10%. In 2024, the severely adverse scenario produced a 7.8% GDP decline, a 33% house price decline, a 30% commercial real estate price decline, and a 50% equity price decline.

What drove this year’s results? The Fed identified three main factors behind the 2026 results: higher loan losses due to larger loan balances and more severe changes in certain scenario variables; smaller unrealized gains on available-for-sale securities because of smaller hypothetical declines in interest rates; and higher projected net interest income reflecting recent bank financial performance and the path of interest rates in the scenario.

What's next? The Fed will continue to work towards finalizing outstanding proposals related to stress testing. These include an April 2025 proposal that would average stress capital buffers over two years and delay the effective date of new stress-based capital requirements. In addition, a set of proposals from October 2025 would establish annual public comment on scenarios and supervisory models and make broader changes to scenario design and supervisory models.

Our Take

No major changes this year, but heightened transparency for the Fed in the future

With current SCB requirements held constant until 2027, this year’s results serve more as a baseline for the transition underway in stress testing than as a guide to future capital outcomes, which will depend on how the open stress testing rulemakings are finalized. The proposals on SCB averaging and timing would reduce the sensitivity of capital requirements to any single year’s outcome, while the proposals on annual public comment, scenario design, and model updates would aim to make the framework more transparent and more iterative. Taken together, those changes should shift stress testing away from a largely fixed, opaque annual exercise toward a process that evolves more visibly over time through model revisions, scenario calibration, and industry feedback. That transparency would usher in a new era of dialogue around differences between the results coming from banks' own models that are meant to be calibrated to their businesses versus the results from the Fed's standard models.

FSB releases AI sound principles report

What happened? On June 10th, the Financial Stability Board (FSB) released a report proposing twelve sound practices that financial institutions follow for the responsible adoption of AI. The report explains that the FSB does not intend to establish an international AI standard or impose a prescriptive approach for AI adoption. Instead, it aims to assist financial institutions with AI risk management considerations and promote international coordination.

What does the report say? The twelve practices are divided into three categories: (1) organization-wide governance; (2) management of the AI lifecycle; and (3) management of cyber and information and communication technology (ICT) risks. Key points include:

  • Organization-wide governance. The FSB suggests that management consider AI adoption as part of its business strategy and align governance with the institution's business model, risk appetite, and strategy. It also recommends that firms clearly define roles and responsibilities, maintain appropriate governance frameworks and accurate documentation, consider AI in risk management frameworks, and develop a responsive and risk-aware culture.
  • AI lifecycle guardrails. The FSB recommends designing guardrails tailored to the institution’s stage of AI development. Factors to consider include risk assessments, model selection, data governance, explainability and transparency, performance management, and appropriate human oversight.
  • Cyber and ICT risk management: The report points to operational risks resulting from the use of AI in coding and the emergence of deepfakes as a new channel for social engineering attacks, as well as the use of AI to evade cyber defences. It suggests integrating AI risk scenarios into communication technology (ICT) tests and exercises.
  • Third-party risk management: The FSB recommends leveraging and adapting existing third-party regulation to AI use cases, noting that institutions should monitor and manage concentration risk and consider controls to compensate where third-party assurance and data is suboptimal.
  • Agentic AI: The report flags that risks from AI agents can "materialise at great speed, highlighting concerns around agents taking unauthorized and erroneous actions, disrupting connected systems, and exposing sensitive data, all while being nearly impossible to subject to full monitoring at the scale of use.

What's next? Comments on the report are due by July 22nd. The FSB previously assessed AI-related financial stability implications in 2017 and 2024 and suggests that it may be subject to future reassessment.

Our Take

Flexibility, not specificity

The report’s high-level, non-prescriptive recommendations reflect the FSB’s deliberate balancing act: avoiding constraints on rapidly evolving AI technology while navigating consensus among 71 institutions from 25 global jurisdictions. The breadth of that membership ‒ and the wide range of views on AI regulation it represents ‒ makes specificity difficult, and arguably undesirable. Ultimately, the report will serve as a baseline for institutions to sanity check themselves as they implement AI tools and systems, but the details around governance and controls – such as data standards, escalation thresholds, third-party due diligence – will remain up to firms’ own risk management programs and, if applicable, the regulators of FSB member states. For US firms, AI-specific regulation appears to be far away as Fed Vice Chair for Regulation Michelle Bowman has repeatedly expressed her goal of allowing for responsible innovation while letting banks determine their own risk tolerance and risk management practices. This policy stance was recently put into practice as AI was explicitly excluded from revised model risk management guidance. However, she has also reminded firms that existing expectations apply to AI, particularly focusing on risks associated with cybersecurity and third parties.

With this absence of prescriptive expectations, banks need to thoughtfully integrate AI oversight into existing governance structures across risk, compliance, technology, and business functions. This includes establishing clear ownership for AI use cases, improving visibility into where AI capabilities are deployed, and exercising judgment around what level of review and monitoring is appropriate for probabilistic or difficult‑to‑explain outputs. Firms should also provide clear guidance to business users on appropriate use and reliance on AI‑generated outputs, and they should ensure AI use remains aligned with existing regulatory expectations across areas such as financial crimes, consumer protection, disclosures, and market conduct.

Treasury and bank regulators propose stablecoin CIP requirements

What happened? On June 18th, Treasury’s Financial Crimes Enforcement Network (FinCEN), along with the Fed, OCC, FDIC and NCUA jointly proposed customer identification program (CIP) requirements for stablecoin issuers under the GENIUS Act. The proposal follows an April 2026 FinCEN proposal that would require stablecoin issuers to maintain AML programs (see Our Take here).

Which institutions fall under the proposal’s scope? Under the proposal, stablecoin issuers would only be required to develop a CIP when they have a direct customer relationship. Secondary market activity would not trigger CIP requirements, and the agencies acknowledge that every transfer as a customer relationship would impose an unworkable, effectively global CIP obligation.

What does the proposal require as part of a CIP? It contains four core requirements:

  • A written program tailored to the firm’s size and risk profile.
  • Collection of customer information, including name, date of birth (for individuals) or formation date (for entities), address, and an ID number.
  • Identify verification procedures, including written procedures for when identity cannot be verified.
  • Government terrorist-list screening, which runs alongside — and does not replace — OFAC sanctions screening.

The proposal also explains that stablecoin issuers may rely on another federally-regulated institution's CIP for shared customers if the reliance is reasonable and the other institution certifies annually that it performs the relevant functions. It also notes that reliance does not transfer liability, and the stablecoin issuer remains ultimately responsible.

What's next? Comments on the proposal are due by August 21st, 2026.

Our Take

Primary market scope provides relief, secondary market risks remain

The proposal’s applicability to only those firms that directly interact with customers will come as a relief to many firms engaged in secondary market activity such as person-to-person payments, vendor transactions and exchange operations. This approach largely mirrors how CIP processes apply to electronic payment transactions today – firms do not re-verify a customer every time they tap a debit card. However, by excluding secondary market transactions from CIP requirements, the proposed framework does not eliminate the responsibility firms have to monitor secondary market activity for illicit-finance risks such as sanctions evasion and terrorist financing. Firms that conduct secondary market activity should therefore integrate their primary market CIP programs with their secondary market transaction monitoring, blockchain analytics and escalation programs to make sure that their program is adequately detecting and preventing illicit finance.

Meanwhile, by permitting firms to rely on third party CIP programs the proposal provides a practical solution that avoids duplicative verification among subsidiaries and intermediaries. But because firms retain the responsibility to manage risks associated with illicit finance, they must ensure that third-party risk management programs have the processes, contractual arrangements, and expertise necessary to confirm that third parties’ CIP programs adequately fit their specific customer base and products. These should include contractual requirements to document performance of specified functions as well as ongoing oversight.

Sanctions: US and Iran sign MOU

What happened? On June 17th, the US and Iran signed a Memorandum of Understanding (MOU) establishing a framework for the cessation of hostilities, the normalization of relations, and the relaxation and eventual termination of sanctions against Iran.

What are the sanctions-related provisions? The MOU draws a distinction between (1) immediate sanctions-related measures to be implemented upon signing and (2) longer-term measures tied to the negotiation and adoption of a final deal within 60 days.

  • Immediate measures. Following signing of the MOU, the US agreed that it will not impose any new sanctions against Iran pending the finalization of the deal. The US also issued a general license (Iran General License X), authorizing US persons to engage in transactions related to Iranian petroleum, including transactions that involve sanctioned vessels. The US also agreed to make frozen Iranian funds and assets fully available for use “upon implementation of the MOU,” leaving the exact timing and mechanics of execution unclear.
  • Longer-term measures. The US agreed to “terminate all types of sanctions on Iran,” including UN Security Council resolutions, as part of a final nuclear agreement. It also committed to developing a $300 billion reconstruction and economic development plan with regional partners and noted that Treasury will grant all required licenses, sanctions waivers and permissions for related transactions.

Adam Gilbert retires from PwC

What happened? On July 1st, Adam Gilbert, Senior Regulatory Advisor and founding force behind Our Take, will retire from PwC.

What has Adam meant to PwC and Our Take? Since joining the firm in 2015, Adam has advised boards and senior executives across the banking industry on navigating complex risk and regulatory challenges, bringing a perspective shaped by decades of experience across both regulators and the private sector. He became known across PwC for asking tough questions, holding teams to a high standard, and being the go‑to source for thoughtful, well‑informed views on risk and regulatory issues.

His impact on Our Take reflects that same approach. He built and shaped the publication into what it is today – challenging the team week after week to sharpen arguments, question assumptions, and communicate with precision.

What’s next? Adam Gilbert’s retirement is not open for a comment period but well wishes can be sent to agilbert711@gmail.com. Analysts have predicted that his retirement will take shape in a framework involving three pillars: (1) fun and family, which will likely include sub-components such as spending more quality time with his children and grandchildren as well as continuing to see live music (e.g., the Resentments at their regular Austin gig, Grateful Dead offshoots, major events at The Sphere); (2) dedicating time to the public good; and (3) since we know Adam will not be able to stay away from the financial services world for too long, we expect he will remain involved in some form. “Stay tuned!”

Our Take

Happy retirement Adam – we will miss you!

From the Our Take team, thank you Adam for your mentorship, candid opinions (on financial regulation and beyond), and for challenging us over the past ten years – even if it meant some late Fridays. We wish you all the best in your well‑deserved retirement.

On our radar

CFTC and SEC seek comment on harmonizing portfolio margining frameworks. On June 26th, the CFTC and SEC issued a joint request for public comment on potential approaches to align portfolio margining requirements across securities and derivatives markets. Comments are due 60 days after publication in the Federal Register.

CFPB rescinds advisory opinion on Regulation B special purpose credit programs. On June 17th, the CFPB published in the Federal Register a rescission of its 2020 advisory opinion related to Regulation B and special purpose credit programs (SPCPs). The Bureau determined the prior guidance was outdated and inconsistent with recent amendments to Regulation B, including new restrictions on the use of protected characteristics in determining program eligibility.

CFPB sends request for information on mortgage credit to OIRA. On June 22nd, the CFPB sent a draft RFI to the Office of Information and Regulatory Affairs (OIRA) ahead of anticipated publication in the Federal Register.

CFPB announces actions to improve consumer complaint system. On June 24th, the CFPB outlined a series of measures to enhance the effectiveness of its consumer complaint portal, including standardizing processes for credit reporting agencies, strengthening identity verification, and aligning complaint handling with statutory requirements.

OCC clarifies standards for evaluating filings. On June 17th, the OCC issued a release outlining how it applies existing regulatory standards when approving, conditioning, denying, or returning filings under 12 CFR 5.13. The guidance emphasizes that incomplete or materially deficient applications may be returned without review and that denial decisions will be made public to enhance transparency around the agency’s decision-making process.

FDIC board approves proposed changes to information disclosure rules. On June 26, the FDIC board approved a proposed rule that would change certain requirements and restrictions for disclosure under the Freedom of Information Act as well as bank disclosure of confidential supervisory information .

NCUA proposes rule on credit union mergers into banks. On June 22nd, the NCUA published a proposed rule to amend regulations governing mergers of insured credit unions into banks. The proposal would streamline procedural and disclosure requirements, reduce regulatory burden, and provide greater flexibility to credit union boards, while maintaining member protections and modernizing the conversion process. Comments are due by June 22nd, 2026.

FinCEN issues guidance on information sharing to combat fraud. On June 12th, FinCEN released updated guidance clarifying how financial institutions can share information related to suspected fraud and other illicit activity under Section 314(b) of the USA PATRIOT Act. The guidance expands examples of shareable data, including cyber and transactional indicators, and is intended to support broader efforts to enhance fraud detection and promote a more risk-based AML framework.

Illinois advances legislation to regulate BNPL providers. On June 23rd, Illinois lawmakers advanced a bill that would establish licensing and oversight requirements for BNPL providers, including consumer protections such as dispute resolution processes and limits on payment collection practices.

The House Committee on Financial Services (HCFS) holds hearing on the future of payments. On June 24th, the HCFS held a hearing examining the evolution of the U.S. payments system, with a focus on the role of bank and nonbank charters. The discussion addressed regulatory and supervisory frameworks, access to payment infrastructure, and how policy can promote competition, innovation, and cost efficiency while maintaining safety and soundness.

Canada lowers domestic stability buffer for major banks. On June 19th, Canada’s Office of the Superintendent of Financial Institutions (OSFI) reduced the domestic stability buffer from 3.5% to 3.0% of risk-weighted assets and lowered the buffer range to 0–3%. The change is intended to allow Canada’s largest banks to deploy excess capital to support lending and economic activity while maintaining strong capital positions.

Our Take: Financial services regulatory update – June 26, 2026

(PDF of 361.96KB)

{{filterContent.facetedTitle}}

Follow us

© 2017 - 2026 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.